Ubuntu Security Notice 1695-1 - It was discovered that RPM incorrectly handled certain package headers. If a user or automated system were tricked into installing a specially crafted RPM package, an attacker could cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code.
6ed9935c9f025dd952fa66e4029346a68a2ebc1e3fc480dae4564c72c2376d6bGentoo Linux Security Advisory 201206-26 - Multiple vulnerabilities have been found in RPM, possibly allowing local attackers to gain elevated privileges or remote attackers to execute arbitrary code. Versions less than 4.9.1.3 are affected.
ab1825cda7c1f6e700c1cf9925ad6cba5cb080ac3b1c27843cc194156b51709dMandriva Linux Security Advisory 2012-056 - Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code. The updated packages have been patched to correct this issue.
3cce8f594ce82a2d7bc2edb723cc43de307c29149602c95cb21180eb1ae8a462Red Hat Security Advisory 2012-0451-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code.
d797f3fc256507eacc48716717d15d5fd6983e28a36101b9b64789629fbc8c65
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed